1. SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU Belgrade Date: 26/03/2009

2. SWEB SWEB user types  JAVA mobile client .NET mobile client  SELIS client  Civil Servant client

3. SWEB Security of communications between the client and SWEB platform  XML signature  Time Stamping  SAML token  WS-Security (WS-Encryption and/or WS-Signature)

4. SWEB User authentication and authorization  Username/password to access the client application and asymmetric private key  User’s digital certificate to be authenticated by the STS server  SAML token issued to the user for authentication to the particular service  User profile (digital certificate) for user authorization to the platform

5. SWEB Secure communication between two SWEB platforms  Digital certificate for authentication to the STS server  SAML token for authentication to the service  User’s profile (digital certificate) for user authorization

6. SWEB Identities of users  Digital certificates  PKI hierarchy  XKMS for certificate locating (LocateRequest) and validating (ValidateRequest)

7. SWEB

9. The Residence Certification Service Cross-Border request scenario

10. SWEB SWEB Security Aspects Summary  X.509 certificate  XML Digital Signatures and Encryption  WS-security  Time stamping  Federation Identity - Security Token (SAML)  XKMS  Smart cards for Civil Servants  Future upgrade include PKI SIM cards

11. SWEB Future research directions  Implementing JAVA mobile application into the JAVA CDC 1.1 enabled mobile devices  Full implementation of advanced electronic signature formats (e.g. XAdeS)  Integration of PKI SIM technology in the Mobile Client application  Using SWEB-like system for other PKI based e/m-governmental services (strong user authentication to other e-gov web portals, signing documents prepared through some other communication channels, qualified signatures, etc.)

12. SWEB Thank You!!